<?php
error_reporting(0);
include("function.php");
require_once("common/config.php");
$conn = new connectDb();

if(isset($_POST['login_submited']))
{
	$login_mail = in($_POST['email'],true);
	$login_password = in($_POST['password'],true);
	
	is_login($login_mail,$login_password);
}


//第一次登录后修改用户登录状态，login_status = 1
function updateLoginStatus($nick)
{
	mysql_query("UPDATE `food_user_basic` SET `login_status` = '1' and `qq_status` = '1' WHERE `nick` = '".$nick."' AND `login_status` = '0' ORDER BY `id` DESC") or die(mysql_error());
}

function in($data,$force=false)
{
	if(is_string($data))
	{
		$data=trim(htmlspecialchars($data));//防止被挂马，跨站攻击
		if(($force==true)||(!get_magic_quotes_gpc())) 
		{
		   $data = addslashes($data);//防止sql注入
		}
		return  $data;
	}
	else if(is_array($data))//如果是数组采用递归过滤
	{
		foreach($data as $key=>$value)
		{
			 $data[$key]=in($value);
		}
		return $data;
	}
	else 
	{
		return $data;
	}	
}


//检查是否是正确的邮箱地址，是则返回true，否则返回false
function is_login($user_email,$user_pass)
{	
	if(!empty($user_email))
	{
		$chars = "/^([a-z0-9+_]|\\-|\\.)+@(([a-z0-9_]|\\-)+\\.)+[a-z]{2,6}\$/i";
		if (strpos($user_email, '@') !== false && strpos($user_email, '.') !== false)
		{
			if (preg_match($chars, $user_email))
			{	$user_pass = md5($user_pass);
				$query = mysql_query("SELECT * FROM `food_user_basic` WHERE `user_mail` = '".$user_email."' AND `user_pass` = '".$user_pass."'");
				$num = mysql_num_rows($query);
				if($num != 0)
				{	
					$_SESSION['login_mail'] = $user_email;
					
					$row = mysql_fetch_array($query,MYSQL_ASSOC);
					$userId = $row['id'];
					mysql_query("UPDATE `food_user_basic` SET `create_time` = now() WHERE `id` = '$userId'") or die(mysql_error());
					
					scanMassage($user_email);
				
					echo "<script language=\"javascript\">location.href='home.php';</script>";
				
					return true;
				
				}else
				{
					echo '<span style="color:red;" id="login_fail_tip">邮箱或密码错误！</span>';
					
					return false;
				}
			}else
			{
				return false;
			}
		}else
		{
			return false;
		}
	}else
	{
		return false;
	}
}

?>

